Security Advisory

CVE-2020-8292

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-21 19:13:28

Last updated 2024-08-04 09:56:28

Assigner hackerone

State PUBLISHED

Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes.